Imported repo owners
61 views
Skip to first unread message
William Cork
Jun 30, 2015, 6:10:36 PM6/30/15
to git...@googlegroups.com
Everything has worked beautifully so far with Gitblit. Works exactly as desired. Almost.
When launching the server and after synchronizing users with our LDAP server, it discovers all our repositories.
However, none of the repositories have been given owners or group(team) assignments. In our current implementation of git, we use user/group privileges in our file/folder structure.
Something like this:
drwxrwsr-x 7 user1 engineering 4096 Jul 30 2013 Camera.git/Which I would assume Gitblit would be configured to assign the owner of the repo to user1 and the group(team) to engineering.
I know Gitblit uses the git config metadata to assign these things from the web UI and the fact we use bare repositories might be inflicting this pain. Based on this functionality, it shouldn't be hard for me to write a script to assign "gitblit.owner=${someUser}".. etc to each of the repositories if need be but I'd like some input.
Is there a configuration for this? Am I missing something?
Thanks,
Will
James Moger
Jun 30, 2015, 7:12:17 PM6/30/15
to git...@googlegroups.com
Hi Will,
You aren't missing anything; Gitblit doesn't work that way. It does not respect Unix user/group permissions; it tries to be platform agnostic.Your best bet would be the script approach you described to assign ownership.
--
You received this message because you are subscribed to the Google Groups "gitblit" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gitblit+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
William Cork
Jul 1, 2015, 10:31:43 AM7/1/15
to git...@googlegroups.com
Good to know! I've started looking into creating a plugin (linux specific) to handle this action. Is there a hook to trigger these actions post- LDAP sync?
-Will
James Moger
Jul 1, 2015, 10:40:39 AM7/1/15
to git...@googlegroups.com
Sorry, that is not an exposed hook point. Never thought of it!
-JWilliam Cork
Jul 1, 2015, 10:44:31 AM7/1/15
to git...@googlegroups.com
Actually, a hook for when the repository cache is updated would be preferred. Giving no time for a repo to be ownerless.
William Cork
Jul 2, 2015, 10:20:29 AM7/2/15
to git...@googlegroups.com
My first draft of creating a plugin to fit this need. In our case, we cache the repository list on startup so, the LifeCycleListener hook works for us. The problem, however, is I cannot find a simple means of giving the group the correct privileges.
Have a look?
import com.gitblit.extensions.LifeCycleListener;
import com.gitblit.manager.IRepositoryManager;
import com.gitblit.manager.IRuntimeManager;
import com.gitblit.manager.IUserManager;
import com.google.inject.Inject;
import org.eclipse.jgit.internal.storage.file.FileRepository;
import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.lib.StoredConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ro.fortsoft.pf4j.Extension;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.attribute.PosixFileAttributeView;
import java.nio.file.attribute.PosixFileAttributes;
/**
* Manages users and groups of all repos base on posix attributes.
*
* @author William Cork
*/
@Extension
public class GitBlitRepoPosixPlugin extends LifeCycleListener
{
final Logger log = LoggerFactory.getLogger(getClass());
final IRuntimeManager runtimeManager;
final IRepositoryManager repositoryManager;
final IUserManager userManager;
@Inject
public GitBlitRepoPosixPlugin(IRuntimeManager runtimeManager,
IRepositoryManager repositoryManager,
IUserManager userManager)
{
this.runtimeManager = runtimeManager;
this.repositoryManager = repositoryManager;
this.userManager = userManager;
}
@Override
public void onStartup()
{
try
{
//Modify repos to owner:group
modDirectoryRecursive(runtimeManager.getBaseFolder());
} catch (IOException e)
{
log.warn("GitBlitDirectoryManager failure");
}
//Reset the repo cache
repositoryManager.resetRepositoryListCache();
}
@Override
public void onShutdown()
{
//do nothing
}
private void modDirectoryRecursive(File currentDir) throws IOException
{
//Recursive search for *.git dir
//System.out.println("Entering " + currentDir.getAbsolutePath());
File[] currentFileNames = currentDir.listFiles();
if (currentFileNames == null) throw new AssertionError();
for (File file : currentFileNames)
{
if (file.isDirectory())
{
if (file.getName().matches(".*.git")) //Found a git repo
{
//Add configs.
PosixFileAttributes attrs = Files.getFileAttributeView(file.toPath(),
PosixFileAttributeView.class).readAttributes();
log.debug(this.getClass().getName() + ": Found a repo: " + file.getAbsolutePath());
Repository localRepo = new FileRepository(file.getPath() + "/.git");
StoredConfig localConfig = localRepo.getConfig();
log.debug(this.getClass().getName() + ": Configuring owner and group to: " +
attrs.owner() + ":" + attrs.group());
//Configs based on 'git config -l' on hand configured repository
// gitblit.owner=OWNER_NAME
localConfig.setString("gitblit", null, "owner", attrs.owner().getName());
// gitblit.acceptnewpatchsets=true
localConfig.setBoolean("gitblit", null, "acceptnewpatchsets", true);
// gitblit.acceptnewtickets=true
localConfig.setBoolean("gitblit", null, "acceptnewtickets", true);
// gitblit.useincrementalpushtags=false
localConfig.setBoolean("gitblit", null, "useincrementalpushtags", false);
// gitblit.allowforks=true
localConfig.setBoolean("gitblit", null, "allowforks", true);
// gitblit.accessrestriction=VIEW
localConfig.setString("gitblit", null, "accessrestriction", "VIEW");
// gitblit.authorizationcontrol=NAMED
localConfig.setString("gitblit", null, "authorizationcontrol", "NAMED");
// gitblit.verifycommitter=false
localConfig.setBoolean("gitblit", null, "verifycommitter", false);
// gitblit.showremotebranches=false
localConfig.setBoolean("gitblit", null, "showremotebranches", false);
// gitblit.isfrozen=false
localConfig.setBoolean("gitblit", null, "isfrozen", false);
// gitblit.skipsizecalculation=false
localConfig.setBoolean("gitblit", null, "skipsizecalculation", false);
// gitblit.skipsummarymetrics=false
localConfig.setBoolean("gitblit", null, "skipsummarymetrics", false);
// gitblit.federationstrategy=FEDERATE_THIS
localConfig.setString("gitblit", null, "federationstrategy", "FEDERATE_THIS");
// gitblit.isfederated=false
localConfig.setBoolean("gitblit", null, "isfederated", false);
// gitblit.gcthreshold=500k
localConfig.setString("gitblit", null, "gcthreshold", "500k");
// gitblit.lastgc=1969-12-31T16:00:00-0800
localConfig.setString("gitblit", null, "lastgc", "1969-12-31T16:00:00-0800");
//Save and close repo
localConfig.save();
localRepo.close();
//TODO: Add repo to group(attrs.group().getName()) in users.conf via java API
} else
{
//Not a repo. Enter dir.
modDirectoryRecursive(file);
}
}
//else skip
}
}
}Thanks again,
-Will
James Moger
Jul 2, 2015, 11:35:33 AM7/2/15
to git...@googlegroups.com
Nice.
You might consider tweaking this line:if (file.getName().matches(".*.git"))Perhaps ".+\\.git" would be better? That should match only bare repos.
James Moger
Jul 2, 2015, 11:38:30 AM7/2/15
to git...@googlegroups.com
Hmm.
Repository localRepo = new FileRepository(file.getPath() + "/.git");
And this line limits you to reading checkouts. FYI, Gitblit rejects pushes to non-bare repos.
-JWilliam Cork
Jul 2, 2015, 12:09:17 PM7/2/15
to git...@googlegroups.com
Oh yeah, I forgot . is any character here. ".*\\.git" is the new regex.
I'm only intending on changing the metadata within the config file in the repository for gitblit so,
Repository localRepo = new FileRepository(file.getPath() + "/.git");works for us here.
For adding the group permissions, is there a handle or manager for this is gitblit? This can be done by editing users.conf by hand if necessary.
-Will
James Moger
Jul 2, 2015, 12:31:43 PM7/2/15
to git...@googlegroups.com
I'm only intending on changing the metadata within the config file in the repository for gitblit so,works for us here.
So your repos have local checkouts? Normally the presence of "/.git" is the local repository clone and you have a worktree. If this is really true on your server, then Gitblit will reject pushes to these repos. If not, then ignore my warning.
Take a look at IUserManager for updating user & team permissions.
-J
William Cork
Jul 2, 2015, 12:48:17 PM7/2/15
to git...@googlegroups.com
Ooooh good catch. You're correct, we have the bare repos on the server so I need to remove that string concatenation.
-Will
William Cork
Jul 2, 2015, 1:00:38 PM7/2/15
to git...@googlegroups.com
And the group permissions:
TeamModel localTeam = userManager.getTeamModel(attrs.group().getName());
localTeam.setRepositoryPermission(file.getPath(), Constants.AccessPermission.DELETE);I'll have to clean this up and push it to GitHub when it all works out. Maybe others will use this.
Thank you very much!
-Will
Message has been deleted
William Cork
Jul 2, 2015, 7:55:55 PM7/2/15
to git...@googlegroups.com
I'm receiving an exception after testing the plugin:
Current git repository is here: http://github.com/SeatherMarqx0/gitblit-plugin-gitblitrepoposixpermission
[WARN ] Failed startup of context o.e.j.w.WebAppContext@4a3bd45b{/,file:/home/cxrodev/Documents/Projects/java/TestGitblitPlugin/gitblit-1.6.2/data/temp/webapp/,STARTING}{file:/home/cxrodev/Documents/Projects/java/TestGitblitPlugin/gitblit-1.6.2/gitblit.jar}java.lang.NullPointerException at ro.fortsoft.pf4j.DefaultExtensionFinder.readIndexFiles(DefaultExtensionFinder.java:153) at ro.fortsoft.pf4j.DefaultExtensionFinder.find(DefaultExtensionFinder.java:54) at ro.fortsoft.pf4j.DefaultPluginManager.getExtensions(DefaultPluginManager.java:558) at com.gitblit.manager.PluginManager.getExtensions(PluginManager.java:288) at com.gitblit.servlet.GitblitContext.configureContext(GitblitContext.java:200) at com.gitblit.servlet.GitblitContext.contextInitialized(GitblitContext.java:131) at org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:798) at org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:444) at org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:789) at org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:294) at org.eclipse.jetty.webapp.WebAppContext.startWebapp(WebAppContext.java:1341) at org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1334) at org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:741) at org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:497) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132) at org.eclipse.jetty.server.Server.start(Server.java:387) at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114) at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61) at org.eclipse.jetty.server.Server.doStart(Server.java:354) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at com.gitblit.GitBlitServer.start(GitBlitServer.java:475) at com.gitblit.GitBlitServer.main(GitBlitServer.java:124) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at org.moxie.MxLauncher.main(MxLauncher.java:129)
Current git repository is here: http://github.com/SeatherMarqx0/gitblit-plugin-gitblitrepoposixpermission
Sorry about the libs, I plan on wiping the repo, using gradle and re-initializing the repo. There is something wrong with my build.
I'll update here when I get the time to play with it more.
-Will
James Moger
Jul 4, 2015, 4:18:38 PM7/4/15
to git...@googlegroups.com
Looks like your build process it not allowing PF4J[1] to generate it's index.
Your compiled jar/zip should have a META-INF/extensions.idx file which is generated by the PF4J annotation processor.
-J
William Cork
Jul 21, 2015, 6:12:28 PM7/21/15
to gitblit
Repository is much cleaner now.
Still having issues with getting the plugin to start. extensions.idx is set properly but, it seems like I'm missing some init method? I tried to follow your example here: https://github.com/gitblit/gitblit-cookbook-plugin. Specifically, MyLifeCycleListener which had a dependency on the guice library. I assumed 4.0 would work there (not specified in the maven pom). Also, since the library was not included with gitblit, I combined the classes into my output library and the following error still occurs.
Note: I've tried using JDK 1.8 and 1.7. Tried building the powertools plugin with maven, placed it on the server and had this same failure. BUT, downloading the powertools plugin directly, works.
Baffled at the moment.
2015-07-21 14:42:21 [ERROR] com.gitblit.plugin.gitblitrepoposixpermission.GitBlitRepoPosixListenerjava.lang.InstantiationException: com.gitblit.plugin.gitblitrepoposixpermission.GitBlitRepoPosixListener at java.lang.Class.newInstance(Class.java:427) at ro.fortsoft.pf4j.DefaultExtensionFinder$1.create(DefaultExtensionFinder.java:124) at ro.fortsoft.pf4j.DefaultExtensionFinder.find(DefaultExtensionFinder.java:72)Caused by: java.lang.NoSuchMethodException: com.gitblit.plugin.gitblitrepoposixpermission.GitBlitRepoPosixListener.<init>() at java.lang.Class.getConstructor0(Class.java:3082) at java.lang.Class.newInstance(Class.java:412) ... 28 more
William Cork
Jul 21, 2015, 7:52:30 PM7/21/15
to gitblit
Scratch that, the plugin works now. I simply used the static Managers to get what I needed. The error was from the default constructor being called (I didn't have one). Problem solved!
Reply all
Reply to author
Forward
0 new messages